jaywcjlove /
awesome-mac
This project is dedicated to collecting high-quality macOS software and organizing them systematically by different categories for easy search and use.
Loading repository data…
hxlxmj / repository
This is a P.O.C bitcoin stealer strictly for educational purposes written in C# purely ... Sole purpose is to detect the user's bitcoin wallet and change it to the malicious bitcoin wallet Quite basic so all trolls allowed.A (v3.5 compatible) .NET tool for stealing and importing certificates in the Windows certificate store without touching disk. Useful for red team operations where you need to poach a certificate for pivoting purposes and want to do so with an in-memory post-ex payload.

This is a P.O.C bitcoin stealer strictly for educational purposes written in C# purely ... Sole purpose is to detect the user's bitcoin wallet and change it to the malicious bitcoin wallet Quite basic so all trolls allowed.A (v3.5 compatible) .NET tool for stealing and importing certificates in the Windows certificate store without touching disk. Useful for red team operations where you need to poach a certificate for pivoting purposes and want to do so with an in-memory post-ex payload.
This tool is flagged as malware by Defender. DO NOT run it from disk on-target. DO NOT run it in memory on target WITHOUT AMSI BYPASSED. And DO obfuscate it with a tool like ConfuserEx, just in case.
If you export a certificate with a private key as PFX then the password will be blank by default. Blank, not non-existent. Optionally, you may specify a password with the --password argument.
If keys are marked as not exportable then you will have to patch CAPI to allow export of non-exportable keys in the current process. This can be done with mimikatz via the crypto::capi command. If you are trying to export device certificates that are not exportable, mimikatz can instead patch the memory of the running lsass.exe process to bypass protections using the crypto::cng command.

Alternatively, you may extract the private keys manually using DPAPI operations. Use the user's DPAPI masterkey, (or a password, domain DPAPI private key, or system backup key to first decrypt the user's masterkey) to extract and decrypt the user's certificates from the registry. This can be done with SharpDPAPI or mimikatz. For more details, checkout the THEFT2 and THEFT3 sections of SpecterOps's whitepaper: Certified Pre-Owned. (Really you should just read that whole paper.)

If you want to build from the source these are the requirements.
Only needed if u download the release from Releases (stealerium.zip)
Selected from shared topics, language and repository description—not editorial ratings.
jaywcjlove /
This project is dedicated to collecting high-quality macOS software and organizing them systematically by different categories for easy search and use.
Asabeneh /
The 30 Days of Python programming challenge is a step-by-step guide to learn the Python programming language in 30 days. This challenge may take more than 100 days. Follow your own pace. These videos may help too: https://www.youtube.com/channel/UC7PNRuno1rzYPb1xLa4yktw
git /
Git Source Code Mirror - This is a publish-only repository but pull requests can be turned into patches to the mailing list via GitGitGadget (https://gitgitgadget.github.io/). Please follow Documentation/SubmittingPatches procedure for any of your improvements.
Asabeneh /
30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace. These videos may help too: https://www.youtube.com/channel/UC7PNRuno1rzYPb1xLa4yktw
DataExpert-io /
This is a repo with links to everything you'd ever want to learn about data engineering
huihut /
📚 C/C++ 技术面试基础知识总结,包括语言、程序库、数据结构、算法、系统、网络、链接装载库等知识及面试经验、招聘、内推等信息。This repository is a summary of the basic knowledge of recruiting job seekers and beginners in the direction of C/C++ technology, including language, program library, data structure, algorithm, system, network, link loading library, interview experience, recruitment, recommendation, etc.